Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.

Key security incidents that shaped 2013
Posted on 4-Dec-2013 18:52. | Tags Filed under: News.



Some of the key security findings of the past year have raised questions about the way we use the Internet and the types of risks we face, says a spokesperson for the Kaspersky Lab ANZ.

2013 saw the continuation of large-scale operations by advanced threat actors, as well as the emergence of specialist ‘for hire’ APT groups focused on hit-and-run operations.

Here is a review of some of the notable incidents that happened this year:

Privacy loss: Lavabit, Silent Circle, NSA and the loss of trust

No IT security overview of 2013 would be complete without mentioning Edward Snowden and the wider privacy implications of his revelations. One of the first visible effects was the shutdown of encrypted e-mail services such as Lavabit and Silent Circle. The reason was their inability to provide such services under pressure from law enforcement and other governmental agencies.

Another story which has implications over privacy is the NSA sabotage of the elliptic curve cryptographic algorithms released through NIST.

Cyber-espionage campaigns: up to 1800 victim organisations in 2013

The majority of the cyber-espionage campaigns that Kaspersky Lab’s analysts have seen were designed to steal data from governmental agencies and research institutions with waves such as Red October, NetTraveler, Icefog and MiniDuke all behaving this way.

The most widespread campaign of the year was the NetTraveler espionage campaign which affected victims from 40 countries all over the world.

For the first time, cybercriminals harvested information from mobile devices connected to the victims’ networks – a clear recognition of the importance of mobile devices to hackers.

Red October, MiniDuke, NetTraveler and Icefog all started by ‘hacking the human’. They employed spear-phishing to get an initial foothold in the organisations they targeted.

Costin Raiu, Director of Kaspersky Lab’s Global Research and Analysis team, commented that these campaigns “were part of an emerging trend that appeared in 2013 – attacks by small groups of cyber-mercenaries who conduct small hit-and-run attacks. Going forward, we predict that more of these groups will appear as an underground black market for ‘APT’ services begins to emerge.”

Hacktivist activities continue

Hacker group ‘Anonymous’ claimed responsibility for attacks on the US Department of Justice, Massachusetts Institute of Technology and the web sites of various governments. Those claiming to be part of the ‘Syrian Electronic Army’ claimed responsibility for hacking the Twitter account of Associated Press and sending a false tweet reporting explosions at the White House – which wiped $136 billion off the DOW. For those with the relevant skills, it has become easier to launch an attack on a web site than to coordinate real-world protests.

Ransomware

The methods used by cybercriminals to make money from their victims are not always subtle. Apart from Bitcoins, which could potentially be stolen, ‘ransomware’ programs have become a popular means of making easy money – as is the case with the Cryptolocker Trojan.


More information: http://securelist.com...
comments powered by Disqus


Trending now »

Hot discussions in our forums right now:

Who Audits IRD?
Created by gundar, last reply by gundar on 22-Oct-2014 13:00 (15 replies)

American legal jurisdiction in New Zealand
Created by ajobbins, last reply by gzt on 21-Oct-2014 14:58 (30 replies)
Pages... 2


Another Trade Me competitor: SellShed
Created by freitasm, last reply by SellShed on 22-Oct-2014 11:54 (42 replies)
Pages... 2 3


Spark Socialiser
Created by freitasm, last reply by old3eyes on 22-Oct-2014 10:37 (26 replies)
Pages... 2


Overcharged by Slingshot for months - warning to existing customers
Created by dusty42, last reply by richms on 21-Oct-2014 19:15 (27 replies)
Pages... 2


Snap have failed our company!
Created by dafman, last reply by toejam316 on 22-Oct-2014 13:03 (25 replies)
Pages... 2


Just bought a TiVo online. No wireless adaptor. Will a standard one work? Or do I need the TiVo one ?
Created by Limerick, last reply by graemeh on 20-Oct-2014 16:03 (11 replies)

iPad Air 2 and iPad Mini 3. Gonna get one?
Created by Dingbatt, last reply by dickytim on 22-Oct-2014 12:46 (60 replies)
Pages... 2 3 4